게시판 만들기(4) 코드에 대해서 정리한다.
- 클라이언트 언어로는 HTML, JAVASCRIPT 사용
- 서버 언어로는 PHP 사용
- DB는 MySQL 사용
* 완성도를 높이려면 처리해야 할 부분이 아직 많이 있지만, 게시판을 직접 만들어 보면서 게시판의 동작 과정을
이해하려고 하였고 추후에 시간이 된다면 게시판 기능을 조금 더 보완해 볼 생각이다.
index.php 메인 페이지
write.php 글쓰기 페이지
signup.php 회원가입 페이지
- 게시판 전체 코드
index.php
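<?php
// db.php opens the MySQL connection that every query on this page uses.
// require_once stops the request when the file cannot be loaded; plain
// include would only warn and go on rendering without a database link.
require_once 'db.php';
// Resume the visitor's session so the navbar can tell whether they are signed in.
session_start();
?>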
<!DOCTYPE html>
<html lang="en">
<head>
<title> 게시판 </title>
<!-- Bootstrap core CSS -->
<link href="bootstrap-3.3.2-dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="bootstrap-3.3.2-dist/css/jumbotron.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-inverse navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="#"> 게시판 </a>
</div>
<div id="navbar" class="navbar-collapse collapse">
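<?php
// Anonymous visitors get the sign-in form, signed-in users the sign-out button.
// The flag is $_SESSION['is_login'], which signin.php sets to 1 on success.
// The key is quoted so PHP does not look it up as an undefined constant, and
// empty() covers both "never set" and "set to a false-like value".
if ( empty($_SESSION['is_login']) ) {
?>
<form class="navbar-form navbar-right" method=POST action=signin.php>
<div class="form-group">
<input type="text" name=user_id placeholder="USER ID" class="form-control">
</div>
<div class="form-group">
<input type="password" name=user_pw placeholder="Password" class="form-control">
</div>
<button type="submit" class="btn btn-success">Sign in</button>
</form>
<?php
} else {
?>
<form class="navbar-form navbar-right" method=POST action=signout.php>
<button type="submit" class="btn btn-success">Sign out</button>
</form>
<?php
}
?>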
</div>
</nav>
<!-- Main jumbotron for a primary marketing message or call to action -->
<div class="jumbotron">
<div class="container">
<table class="table table-striped">
<thead>
<tr>
<th> 번호 </th>
<th> 게시글 제목 </th>
<th> 작성자 </th>
<th> 작성시간 </th>
</tr>
</thead>
<tbody>
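<?php
// Posts per page; used for the LIMIT clause and for the pager arithmetic.
$per_page = 10;

// Count the posts in the database instead of fetching every row just to count them.
$total_len = 0;
$resource = mysql_query( "SELECT COUNT(*) AS cnt FROM board" );
if ( $resource ) {
    $count_row = mysql_fetch_assoc( $resource );
    $total_len = (int) $count_row['cnt'];
}

// idx is the zero-based page index carried by the pager links below.
// Only a short run of digits is accepted, so negative numbers, floats,
// arrays and oversized values fall back to the first page instead of
// producing a broken LIMIT clause.
$page = 0;
if ( isset($_GET['idx']) && is_string($_GET['idx']) && preg_match( '/^[0-9]{1,6}\z/', $_GET['idx'] ) ) {
    $page = (int) $_GET['idx'];
}
$start = $page * $per_page;
$sql = "SELECT * FROM board ORDER BY no DESC LIMIT $start, $per_page";
$resource = mysql_query( $sql );

// title and writer come from user input (write_ok.php stores them as
// posted), so every column is HTML-escaped before it is printed; otherwise
// markup saved in a post would run in each visitor's browser.
// Assumes the stored text and this page are UTF-8 — TODO confirm and adjust
// the charset argument if the board uses another encoding.
$num = 1;
while ( $resource && ( $row = mysql_fetch_assoc( $resource ) ) ) {
    $title  = htmlspecialchars( $row['title'], ENT_QUOTES, 'UTF-8' );
    $writer = htmlspecialchars( $row['writer'], ENT_QUOTES, 'UTF-8' );
    $time   = htmlspecialchars( $row['time'], ENT_QUOTES, 'UTF-8' );
    print "<tr>";
    print "<th scope='row'>$num</th>";
    print "<td>$title</td>";
    print "<td>$writer</td>";
    print "<td>$time</td>";
    print "</tr>";
    $num++;
}

// Number of pager links: total rows divided by the page size, rounded up.
$count = (int)($total_len / $per_page);
if ( $total_len % $per_page ) { $count++; }
print "<tr>";
print "<td colspan=4 align=center>";
for ( $i = 0; $i < $count; $i++ ) {
    // The link carries the zero-based index; the label shown is one-based.
    $label = $i + 1;
    print "<a href=\"http://192.168.12.100/index.php?idx={$i}\"> [";
    print $label;
    print "] </a>";
}
print "</td>";
print "</tr>";
?>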
</tbody>
</table>
</div>
</div>
<div class="container">
<form class="navbar-form navbar-right" method=POST action=write.php>
<button type="submit" class="btn btn-success">글쓰기</button>
</form>
</div>
<footer>
<p>© made 20170823</p>
</footer>
</body>
</html>
db.php
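<?php
// Opens the shared MySQL connection for every page that includes this file
// and selects the 'bbs' database. Later mysql_query() calls that pass no
// link argument use this connection.
//
// NOTE(review): the application connects as MySQL 'root' with a short
// hard-coded password. A dedicated account limited to the 'bbs' schema,
// with credentials loaded from configuration kept outside the web root,
// limits what an SQL injection or a leaked source file can reach.
// NOTE(review): the mysql_* extension used throughout this board was removed
// in PHP 7; mysqli or PDO with prepared statements is the maintained path.
$db = mysql_connect( 'localhost', 'root', '1234' );
if ( !$db ) {
    // Driver error text goes to the server log only; printing it to the
    // visitor discloses host, account and schema details.
    error_log( 'MYSQL connect ERROR: ' . mysql_error() );
    die( 'MYSQL connect ERROR' );
}
$ret = mysql_select_db( 'bbs', $db );
if ( !$ret ) {
    error_log( 'MYSQL select ERROR: ' . mysql_error( $db ) );
    die( 'MYSQL select ERROR' );
}
?>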
signin.php
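<?php
// Sign-in handler: checks the posted id/password against the user table,
// records the login in the session table and marks the PHP session as
// signed in. The page after this block redirects back to index.php.
require_once 'db.php';
session_start();

// Credentials posted by the navbar form. A missing or non-string field is
// treated as empty, which simply fails authentication below.
$id = ( isset($_POST['user_id']) && is_string($_POST['user_id']) ) ? $_POST['user_id'] : '';
$pw = ( isset($_POST['user_pw']) && is_string($_POST['user_pw']) ) ? $_POST['user_pw'] : '';

// Both values end up inside quoted SQL literals, so they are escaped first.
// Unescaped, a quote character in either field changes the WHERE clause and
// lets the password comparison be skipped.
$id_sql = mysql_real_escape_string( $id );
$pw_sql = mysql_real_escape_string( $pw );

// NOTE(review): passwords are compared as unsalted MD5, which is fast to
// brute-force if the user table leaks. Moving to password_hash() and
// password_verify() needs a matching change in signup.php and in the width
// of the user_pw column.
$sql = "SELECT * FROM user WHERE user_id = '{$id_sql}' and user_pw = md5('{$pw_sql}')";
$resource = mysql_query( $sql );
$num = $resource ? mysql_num_rows( $resource ) : 0;
$row = $resource ? mysql_fetch_assoc( $resource ) : false;
if ( $num > 0 ) {
    // Authentication succeeded.
    // Duplicate check: is there already a session-table row for this id?
    $sql = "SELECT * FROM session WHERE user_id = '{$id_sql}'";
    $resource = mysql_query( $sql );
    $num = $resource ? mysql_num_rows( $resource ) : 0;
    if ( $num > 0 ) {
        // This id is already signed in.
        echo "<script> alert('해당 아이디는 이미 로그인한 상태입니다'); </script>";
    } else {
        // Not signed in yet.
        // Issue a fresh session id at the moment of login so an id that was
        // planted in the browser beforehand is not carried into the
        // authenticated session.
        session_regenerate_id( true );
        // 1. Insert the user into the session table.
        $sess_id = mysql_real_escape_string( session_id() );
        $user_no = (int) $row['no'];
        $sql = "INSERT INTO session VALUE( $user_no, '$id_sql', '$sess_id' )";
        $ret = mysql_query( $sql );
        // 2. Store the id and the login flag in the PHP session.
        $_SESSION['user_id'] = $id;
        $_SESSION['is_login'] = 1;
        // 3. Show the welcome message.
        echo "<script> alert('로그인 되었습니다'); </script>";
    }
} else {
    // Authentication failed. The message does not say which field was wrong.
    echo "<script> alert('아이디 또는 패스워드가 올바르지 않습니다.'); </script>";
}
?>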
<meta http-equiv='refresh' content="0;url='http://192.168.12.100/index.php'">
signout.php
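<?php
// Sign-out handler: removes the user's row from the session table, then
// discards the PHP session and its cookie.
require_once 'db.php';
session_start();

if ( isset($_SESSION['user_id']) ) {
    // The id in the session was originally typed by the user at sign-in,
    // so it is escaped again before it is placed in this statement.
    $user_id = mysql_real_escape_string( $_SESSION['user_id'] );
    $sql = "DELETE FROM session WHERE user_id = '{$user_id}'";
    $ret = mysql_query( $sql );
}

// Drop the session data held in memory for this request.
$_SESSION = array();
// Expire the cookie with the same path/domain/flags it was issued with;
// a cookie sent with different parameters would not replace the original.
$params = session_get_cookie_params();
setcookie( session_name(), '', time()-99999999, $params['path'], $params['domain'], $params['secure'], $params['httponly'] );
session_destroy();
?>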
<meta http-equiv='refresh' content="0;url='http://192.168.12.100/index.php'">
write.php
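<?php
// Write page: shows the post form to signed-in users only; everyone else
// gets an alert and is sent back to index.php.
require_once 'db.php';
session_start();

// A visitor counts as signed in when the PHP session carries the login flag
// and the session table still has a row for that user id.
$logged_in = false;
if ( !empty($_SESSION['is_login']) && isset($_SESSION['user_id']) ) {
    $user_id = mysql_real_escape_string( $_SESSION['user_id'] );
    $sql = "SELECT * FROM session WHERE user_id = '{$user_id}'";
    $ret = mysql_query( $sql );
    // mysql_query() returns a result resource even when no row matches,
    // so the row count, not the resource itself, decides the outcome.
    $logged_in = $ret && mysql_num_rows( $ret ) > 0;
}
if ( $logged_in ) {
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title> 게시판 </title>
<!-- Bootstrap core CSS -->
<link href="bootstrap-3.3.2-dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="bootstrap-3.3.2-dist/css/jumbotron.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-inverse navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="#"> 게시판 </a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<?php
// Same navbar switch as on index.php, keyed on the 'is_login' session flag.
if ( empty($_SESSION['is_login']) ) {
?>
<form class="navbar-form navbar-right" method=POST action=signin.php>
<div class="form-group">
<input type="text" name=user_id placeholder="USER ID" class="form-control">
</div>
<div class="form-group">
<input type="password" name=user_pw placeholder="Password" class="form-control">
</div>
<button type="submit" class="btn btn-success">Sign in</button>
</form>
<?php
} else {
?>
<form class="navbar-form navbar-right" method=POST action=signout.php>
<button type="submit" class="btn btn-success">Sign out</button>
</form>
<?php
}
?>
</div><!--/.navbar-collapse -->
</div>
</nav>
<!-- Main jumbotron for a primary marketing message or call to action -->
<div class="jumbotron">
<div class="container">
<!-- NOTE(review): this form carries no anti-CSRF token, so another site can submit it on behalf of a signed-in visitor. A per-session token needs a matching check in write_ok.php. -->
<form class="form-horizontal" method=POST action=write_ok.php>
<div class="form-group">
<label for="inputEmail3" class="col-sm-2 control-label">제목</label>
<div class="col-sm-10">
<input type="text" name=title class="form-control" id="inputEmail3">
</div>
</div>
<div class="form-group">
<label for="inputBody" class="col-sm-2 control-label">게시글</label>
<div class="col-sm-offset-2 col-sm-10">
<textarea name=body class="form-control" rows="10" id="inputBody"></textarea>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">작성 완료</button>
</div>
</div>
</form>
</div>
</div>
<footer>
<p>© made 20170823</p>
</footer>
</body>
</html>
<?php
} else {
    echo "<script> alert('로그인한 사용자만 글 작성이 가능합니다'); </script>";
?>
<meta http-equiv='refresh' content="0;url='http://192.168.12.100/index.php'">
<?php
}
?>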
write_ok.php
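<?php
// Stores a new post from the write form. The page after this block
// redirects back to index.php whether or not a row was inserted.
require_once 'db.php';
session_start();

// This endpoint can be requested directly, without going through write.php,
// so the login check is repeated here. Posts from sessions that are not
// signed in, or with missing or non-string fields, are dropped.
$signed_in  = !empty($_SESSION['is_login']) && isset($_SESSION['user_id']);
$has_fields = isset($_POST['title'], $_POST['body'])
    && is_string($_POST['title']) && is_string($_POST['body']);

if ( $signed_in && $has_fields ) {
    // Every value is escaped because each one sits inside a quoted SQL literal.
    // This protects the statement only; the text is stored as posted, so any
    // page that prints it still has to HTML-escape it on output.
    $title   = mysql_real_escape_string( $_POST['title'] );
    $body    = mysql_real_escape_string( $_POST['body'] );
    $user_id = mysql_real_escape_string( $_SESSION['user_id'] );
    $date    = date("Y-m-d H:i:s");
    $sql = "INSERT INTO board( title, body, writer, time ) VALUE ( '{$title}', '{$body}', '{$user_id}', '{$date}' )";
    $ret = mysql_query( $sql );
}
// NOTE(review): the request is accepted without an anti-CSRF token. A
// per-session token checked here needs a matching hidden field in write.php.
?>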
<meta http-equiv='refresh' content="0;url='http://192.168.12.100/index.php'">
signup.php
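<?php
// Sign-up page: with all three fields posted it creates the account,
// otherwise (for example on the first GET) it shows the sign-up form.
require_once 'db.php';

// Missing or non-string fields are treated as empty so the form is shown.
$user_id = ( isset($_POST['user_id']) && is_string($_POST['user_id']) ) ? $_POST['user_id'] : '';
$user_pw = ( isset($_POST['user_pw']) && is_string($_POST['user_pw']) ) ? $_POST['user_pw'] : '';
$email   = ( isset($_POST['email']) && is_string($_POST['email']) ) ? $_POST['email'] : '';

if ( $user_id != '' && $user_pw != '' && $email != '' ) {
    // All three values are placed inside quoted SQL literals below, so they
    // are escaped first; the "required" attributes on the form are enforced
    // only by the browser and are no substitute for this.
    $user_id_sql = mysql_real_escape_string( $user_id );
    $user_pw_sql = mysql_real_escape_string( $user_pw );
    $email_sql   = mysql_real_escape_string( $email );

    // duplicate check
    $sql = "SELECT * FROM user WHERE user_id='{$user_id_sql}'";
    $resource = mysql_query( $sql );
    $num = $resource ? mysql_num_rows( $resource ) : 0;
    if ( $num > 0 ) {
        echo "<script> alert('already use id'); </script>";
        echo "<script> window.history.back(); </script>";
        exit(0);
    }

    // NOTE(review): the password is stored as unsalted MD5, which is fast to
    // brute-force if the table leaks. password_hash() is the replacement, but
    // it needs a matching change in signin.php and a wider user_pw column.
    $sql = "INSERT INTO user( user_id, user_pw, email ) VALUE( '{$user_id_sql}', md5('{$user_pw_sql}'), '{$email_sql}' )";
    $ret = mysql_query( $sql );
    if ( $ret ) {
        echo "<script> alert('회원가입이 정상적으로 처리되었습니다'); </script>";
        echo "<meta http-equiv='refresh' content=\"0;url=http://192.168.12.100/index.php\">";
        exit(0);
    } else {
        // Driver error text stays in the server log; the visitor gets a
        // generic message with no query or schema details.
        error_log( 'MYSQL query ERROR: ' . mysql_error() );
        die( 'MYSQL query ERROR' );
    }
} else {
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>게시판</title>
<!-- Bootstrap core CSS -->
<link href="bootstrap-3.3.2-dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="bootstrap-3.3.2-dist/css/signin.css" rel="stylesheet">
</head>
<body>
<div class="container">
<form class="form-signin" method=POST>
<h2 class="form-signin-heading">Please sign up</h2>
<input type="text" name=user_id class="form-control"
placeholder="User ID" required autofocus>
<input type="password" name=user_pw class="form-control"
placeholder="Password" required>
<input type="email" name=email class="form-control"
placeholder="Email address" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign up</button>
</form>
</div> <!-- /container -->
</body>
</html>
<?php
}
?>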